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Reasons for Allowance 
The Examiner's independent search has confirmed Stefik et al. as being the closest art to 
applicant's invention. Applicant has identified Stefik et al, US patent 5629980 in the 
Information Disclosure Statement of Jun 4 th , 2002. The Examiner has used a substantially 
similar patent also by Stefik et al., US patent 5,638,443 which is drawn towards a near identical 
specification. 

Stefik et al discloses a method for a first user to provide secure access to electronic documents or 
services stored on a document server located on a network to a second user, and where both the 
first user, the second user, and the document server have each associated therewith a public key 
that is associated with a corresponding private key (Column 26, lines 62-67) & (Column 27, 
lines 23-47) & (Column 28, line 44-65) , the method performed on the document server 
comprising: 

• Exchanging public keys with the first user to establish a first secure session; (Column 27, 
lines 23-47) & (Column 28, line 44-65) 

• Receiving from the first user a request to list a file directory; (Column 38, lines 45-65) 

• Authenticating the first user's access to the file directory using credentials provided by 
the first user when the first secure session is established; (Column 38, line 66 - Column 
39, line 5) 
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• Transmitting to the first user a listing of the file directory server over the first secure 
session; the listing identifying a set of paths to content available on the document server; 
(Column 38, lines 54- column 39, line 34) 

• Exchanging public keys with the second user to establish a second secure session; 
(Column 28, lines 44-65) & (Column 27, lines 23-47) 

• Receiving from the second user a request for access to selected content on the document 
server; (Column 6, lines 23-34) the request for access including a token identifier that is 
recorded at the document server and associated with a path from the set of paths to the 
selected content available on the document server; (Column 8, lines 60-65) & (Column 
31, lines 1-15) & (Column 34, lines 24-30, 53-58) 

• Authenticating the request for access using: (a) the public key of the second user received 
from the second user while establishing the second secure session, and (b) a digital 
signature signed using the private key of the first user that is a signed cryptographic 
digest of the public key of the second user and other information relating to the request 
for access to the selected document content on the document server; and (Column 13, 
lines 17-25) 

• Providing the second user with access to the selected content over the second secure 
session if the request for access is authenticated. (Column 6, lines 35-47) 

However, it is of particular note that the equivalences between the parties performing the recited 

limitations between Stefik et al. and claim 1 cannot be maintained consistently. 

The Applicant discloses three parties, the first user, the second user, and document server. 
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Stefik et al. discloses a creator, repository 1, repository 2, authorization repository, rendering 
repository, master repository. 

The first key exchange is performed between a first repository and second repository, where 
repository 1 can be said to be equivalent with the first user, repository 2 is equivalent to the 
second user, and the public key that is exchanged is stored as part of the certificate that is 
transmitted. Stefik et al. also goes on to say that "The registration must by symmetrical so that 
same set of steps will be repeated for repository-2 registering it's identity with repository 1." 
(Column 27, lines 27-30) 

In this case, the Examiner has established equivalence as follows: 
Repository 1 = first user, Document server 
Repository 2 = second user 

Figure 1, of Stefik et al. clearly shows the repository 2 requests access to the digital work from 
repository 1. Elements 104 and 105 show that repository 1 shows an authentication process of 
sorts. However, Stefik et al. does not disclose an embodiment with regards to the equivalence as 
set forth by the examiner wherein, the first user would request a list to a file directory and to 
check that directory listing. 



• Receiving from the first user a request to list a file directory; (Column 38, lines 45-65) 
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• Authenticating the first user's access to the file directory using credentials provided by 
the first user when the first secure session is established; (Column 38, line 66 - Column 
39, line 5) 

• Transmitting to the first user a listing of the file directory server over the first secure 
session; the listing identifying a set of paths to content available on the document server; 
(Column 38, lines 54- column 39, line 34) 

(Column 38, lines 45 - Column 9, 34) discloses a method by Stefik et al. that shows that a user 
making directory requests to a server. However, if repository 1 is to act as the storage from 
which repository 2 acquires the data, as shown in Figure 1, Repository 1 would act as the 
document server. The server itself would not be a user of the content but rather a distributor. 
To request a display or listing of the directory and to authenticate that access is disclosed by 
Stefik et al. as an action that Repository 2 would perform, but not repository 1. 

The Examiner has also considered an alternative set of equivalences to "fit the claim". In an 
alternative set, 

Repository 1 would act as a the second user, document server. 
Repository 2 would act as the first user. 

In this case, Stefik et al. would adequately disclose the limitations as such: 

• Receiving from the first user a request to list a file directory; (Column 38, lines 45-65) 



• Application/Control Number: 10/063,361 Page 6 

Art Unit: 2134 

• Authenticating the first user s access to the file directory using credentials provided by 
the first user when the first secure session is established; (Column 38, line 66 - Column 
39, line 5) 

• Transmitting to the first user a listing of the file directory server over the first secure 
session; the listing identifying a set of paths to content available on the document server; 
(Column 38, lines 54- column 39, line 34) 

However, such a set of equivalences would then fail to establish these limitations because Stefik 
et al. does not disclose repository 1 downloading from repository 2: 

• Receiving from the second user a request for access to selected content on the document 
server; (Column 6, lines 23-34) the request for access including a token identifier that is 
recorded at the document server and associated with a path from the set of paths to the 
selected content available on the document server; (Column 8, lines 60-65) & (Column 
31, lines 1-15) & (Column 34, lines 24-30, 53-58) 

• Authenticating the request for access using: (a) the public key of the second user received 
from the second user while establishing the second secure session, and (b) a digital 
signature signed using the private key of the first user that is a signed cryptographic 
digest of the public key of the second user and other information relating to the request 
for access to the selected document content on the document server; and (Column 13, 
lines 17-25) 

• Providing the second user with access to the selected content over the second secure 
session if the request for access is authenticated. (Column 6, lines 35-47) 
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Therefore, while Stefik et al. discloses the functional limitations of claim 1, Stefik et al. does not 
disclose an embodiment that would maintain a set of equivalences consistent to meet Applicant's 
claim. 

Stefik et al. however additionally to disclose the following: 

• A method where the first user is a registered user of the document server and the second 
user is not a registered user of the document server 

No art has been found that would suggest an alternative set of embodiments to reject the 
elements of claim 1 nor can any art be found where the first user is a registered user of the 
document server and the second user is not a registered user of the document server. No 
motivation can be found to combine. For these reasons, claim 1 has been held to be allowable. 

Claims 13 and 17 are substantially similar to claim 1 and are allowable for the same reasons. 
Claims 2-12, 14-16, 18-20 are dependent on claims 1, 13, 17 are allowable because their 
independent claims are allowable. 

Conclusion 

2. Any inquiry concerning this communication from the examiner should be directed to 
Thomas M Ho whose telephone number is (571)272-3835. The examiner can normally be 
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reached on M-F from 9:30 AM - 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gregory A. Morse can be reached on (571)272-3838. 

The Examiner may also be reached through email through Thomas.Ho6@uspto.gov 

Any inquiry of a general nature or relating to the status of this application or proceeding should 
be directed to the receptionist whose telephone number is (571)272-2100. 

General Information/Receptionist Telephone: 571-272-2100 Fax: 703-872-9306 
Customer Service Representative - Telephone: 57 1 -272-21 00 Fax: 703-872-9306 
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